Denyhosts is a must have if you run secure shell

If you run secure shell you absolutely must run DenyHosts along with it. Secure Shell has been under security attack recently by random username/password probe attempts. Hopefully your secure shell server is good enough to leave entries such as

The only problem I have with DenyHosts is that if you already have a hosts.deny file with items in it, there doesn’t seem to be a way to put the ssh deny rules at the top of the file. If you have rules that contradict the DenyHosts entries they will show up above the DenyHosts stuff and cancel them out.

DenyHosts 2.x added synchronization mode such that attacke to your server will (optionally) be uploaded to the central DenyHosts server. Attacke to other servers will (optionally) be downloaded by your DenyHosts instance.http://www.denyhosts.net/sync.html

Also, DenyHosts can add entries to a file other than /etc/hosts.deny such as /etc/hosts.denyhosts. Such that entries will not conflict with any local rules.http://www.denyhosts.net/faq.html#aux

DenyHosts 2.x added synchronization mode such that attacks to your server will (optionally) be uploaded to the central DenyHosts server. Attacks to other servers will (optionally) be downloaded by your DenyHosts instance.http://www.denyhosts.net/sync.html

Also, DenyHosts can add entries to a file other than /etc/hosts.deny such as /etc/hosts.denyhosts. Such that entries will not conflict with any local rules.http://www.denyhosts.net/faq.html#aux